New two-factor one-time password authentication system for company networks

Small and medium businesses would do well to invest in the two-factor authentication system

ESET Secure Authentication™, simple and highly efficient application, makes use of remote end-users' mobile devices to deliver a one-time password (OTP) when they connect to company networks, providing added security to the network and the device. ESET Secure Authentication is available immediately through the ESET Southern Africa partner network.

"The 2FA (two-factor authentication) market represents a significant opportunity for ESET and for our network of valued ESET partners," said Carey van Vlaanderen, chief executive of ESET Southern Africa. "ESET Secure Authentication is simple to use, easy to administer and provides a critical layer of security for remote users. We believe the market for software-based authentication is healthy and growing, and we want to make sure our SMB (small and medium business) customers have access to critical security options that work the way they work."

According to a recent report by Frost & Sullivan, the global OTP market will approach US $1.1-billion by 2016 and the software OTP segment is growing at a compound annual growth rate of approximately 10.3%. Poor passwords and unsecured remote network access make every business a potential target and a potential customer.

With millions of passwords compromised each year, many companies have already experienced data loss, damage to their reputations and decreased revenue. Cybercriminals don't just focus on the largest enterprises: as the threat landscape evolves, small businesses prove attractive targets.

"Criminal hacking is increasingly sophisticated and organised, and it is constantly growing in both scale and scope. What many smaller businesses don't realise is that they are an appealing target to cybercriminals - a tempting combination of opportunity, access and potential return," adds Van Vlaanderen. "If you're in business today and not employing multifactor protection on your systems, then you're putting your customers, your reputation and your livelihood at risk."

When customer information is on the line, passwords alone are not enough. A host of regulations compel businesses of every size to protect that information or face the possibility of legal action, which may include penalties, commerce restrictions and substantial fines. Examples of regulations that specifically require two-factor authentication include Payment Card Industry Data Security Standards (PCI DSS).

In a South African context, there are regulations that set standards for the secure management of information, most notably the Electronic Communications and Transactions Act (ECT). According to Drew van Vuuren, CEO of 4Di Privaca, a specialist Information security and privacy practice: “In a broader context, the forthcoming Protection of Personal Information Act will provide guidelines around the secure processing of personal information, which includes a secure access methodology. These regulations highlight the importance that multifactor authentication holds in the protection of customer information and key business data.”

Designed to be very simple to install, easy to configure and convenient to manage, ESET Secure Authentication offers email protection for Outlook® Web Access/App and connectivity protection for VPN customers who use RADIUS, the ubiquitous Remote Authentication Dial-In User Service networking protocol. Because the solution is both lightweight and readily administered, it provides SMB customers with a compelling total cost of ownership.

Key benefits

Automatic configuration: Installation of the mobile application is designed to be simple and seamless, starting with a 'double-click' installer. The user clicks on a link in a text message sent from ESET to his/her device. This automatically installs and activates the application. Text-based SMS messages are supported for users who cannot install, or have not yet installed, the mobile application. The application itself will be available for download via Google Play™, the Apple® App Store, BlackBerry® App World or directly from ESET provisioning servers.

Protection of Outlook Web Access/App Endpoints: OWA is integrated with ESET two-factor authentication via a native plug-in. The application prevents access to OWA until the user has successfully authenticated with their unique one-time password.

Protection of RADIUS Endpoints: RADIUS is the de-facto standard networking protocol for user authentication in the VPN market. RADIUS serves three functions: to authenticate users or devices before granting them access to a network, to authorise those users or devices for certain network services, and to account for usage of those services.

Product availability

ESET Secure Authentication is immediately available in southern Africa. For more information contact sales@eset.co.za.